Closed MaysaMacedo closed 4 months ago
@MaysaMacedo: all tests passed!
Full PR test history. Your PR dashboard.
/hold
/label backport-risk-assesed /lgtm
good job @MaysaMacedo!
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: gryf, MaysaMacedo
The full list of commands accepted by this bot can be found here.
The pull request process is described here
/label backport-risk-assesed
@gryf: The label(s) /label backport-risk-assesed
cannot be applied. These labels are supported: acknowledge-critical-fixes-only, platform/aws, platform/azure, platform/baremetal, platform/google, platform/libvirt, platform/openstack, ga, tide/merge-method-merge, tide/merge-method-rebase, tide/merge-method-squash, px-approved, docs-approved, qe-approved, no-qe, downstream-change-needed, rebase/manual, cluster-config-api-changed, approved, backport-risk-assessed, bugzilla/valid-bug, cherry-pick-approved, jira/valid-bug, staff-eng-approved
. Is this label configured under labels -> additional_labels
or labels -> restricted_labels
in plugin.yaml
?
/label backport-risk-assessed
@gryf: Can not set label backport-risk-assessed: Must be member in one of these teams: [kuryr-kubernetes]
I tested this with the following network policy, which defines this podSelector: {}
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: default-deny
namespace: test
spec:
podSelector: {}
policyTypes:
- Ingress
with the fix the number of selected pods that has the sg reduces in half in every reconciliation is reduced to half.
It's possible the list of Pods to update the security groups contains repeated Pods. Let's avoid update of security group for the Port of a Pod is the security groups were already updated.